My DHCP server also acts as my NAT router and as such is connected both
to my internal network and the outside world. I only want the DHCP
server to listen to requests on the internal connection. (eth1)
Unfortunately, it seems that no matter what I do requests (i.e.
DHCPDISCOVER from * via eth0) still come in on the external connection
(eth0). While the requests aren't being honored, they are still coming
in and being written to the syslog, causing a LOT of garbage in there.
I've decided to try and just filter out any requests via iptables, but
nothing that I've tried seems to work. Here's the configs that I've
tried:
iptables -A INPUT -p udp -m udp --dport 67:68 -j DROP
iptables -A INPUT -p udp -m udp --dport 67:68 -i eth0 -j DROP
iptables -A INPUT -p udp -m udp --sport 67:68 -j DROP
iptables -A INPUT -p udp -m udp --sport 67:68 -i eth0 -j DROP
and various other combinations of the above. (TCP instead of UDP, etc.)
Unfortunately, no matter what I do the requests still come in and clog
my syslog. I've looked all over google and the first one of the above is
what I keep finding. Unfortunately, it still doesn't work. Any
suggestions? TIA.
-Alex

Attachment:
signature.ascDescription: This is a digitally signed message part